On 2 Dec, Jon Parry-McCulloch wrote:
>
>
> Quote from rfc2222 (Simple Authentication and Security Layer):
>
> During the authentication protocol exchange, the mechanism
> performs
> authentication, transmits an authorization identity
> (frequently known
> as a userid) from the client to server, and negotiates the
> use of a
> mechanism-specific security layer. If the use of a security
> layer is
> agreed upon, then the mechanism must also define or negotiate
> the
> maximum cipher-text buffer size that each side is able to
> receive.
>
> This is still not encryption per se. It is merely negotiating a
> protocol for the client and server to use between them.
>
> Jon
Yep, but SASL compliance would require support for encryption in libs
and servers and thus make the openldap source a weapon.
Bart
--
// Bart Hartgers <Hartgers@kfm1.phys.tue.nl>
// UCE NOT wanted!!